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Listing of Claims : 

1-25. (Canceled). 



26. (Previously presented) A network relaying method for a communication 
network system in which a plurality of network devices are coupled via a 
communication path, each network device including a network relaying device which 
is coupled via a plurality of I/O ports to a corresponding plurality of terminals, the 
method comprising the steps of: 

receiving a packet at a first I/O port from a source terminal coupled to the first 
I/O port, the packet including a header containing a packet transmission source 
address; 

determining whether a combination of the first I/O port and the packet 
transmission source address coincides with a combination of an I/O port and a 
transmission source address that have been registered in advance with a 
correspondence therebetween; 

when the determining step results in a determination that the combination of 
the first I/O port and the packet transmission source address coincides with a 
combination of an I/O port and transmission source address that have been 
registered in advance with a correspondence therebetween, transferring the packet 
received at the first I/O port via a second I/O port; 
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when the determining step results in a determination that the combination of 
the first I/O port and the packet transmission source address do not have a 
coincidence with a combination of an I/O port and transmission source address that 
have been registered in advance with a correspondence therebetween: 

limiting transfer of the received packet and transmitting a request for user 
authentication of a user to the source terminal of said received packet; 

receiving user authentication information sent from the source terminal in 
response to the request for user authentication; 

executing user authentication of the user based on the user authentication 
information thus received and based on the packet transmission source address; 

when the user is authenticated by the user authentication executed in the 
executing step, registering the first I/O port with a correspondence to the packet 
transmission source address; 

transferring the packet received at the first I/O port via the second I/O port; 

and 

when the user is not authenticated by the user authentication executed in the 
executing step, not transferring the packet received at the first I/O port. 

27, (Previously presented) A network relaying method according to Claim 26, 
wherein the user authentication information includes a user name and a password. 

28. (Previously presented) A network relaying method according to Claim 28, 
wherein the transmission source address includes an IP address and a MAC 
address. 
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29. (Previously presented) A network relaying apparatus, comprising: 
a plurality of I/O ports coupled to a plurality of terminals, respectively; 
a communication portion for transmitting and receiving data via the plurality of 
I/O ports; 

a relay portion which determines a transmitting I/O port of the plurality of I/O 
ports, from which a packet received via the communication portion from a receiving 
I/O port of the plurality of I/O ports is output via the communication portion; and 
which determines whether a combination of the receiving I/O port and a packet 
transmission source address contained in the packet coincides with a combination of 
an I/O port and a transmission source address that have been registered in advance 
with a correspondence therebetween, wherein said relay portion transfers the 
received packet from the transmitting I/O port when the relay portion determines that 
the combination of the receiving I/O port and the packet transmission source address 
coincides with a combination of an I/O port and transmission source address that 
have been registered in advance with a correspondence therebetween, and wherein 
said relay portion requests user authentication of a user from a source terminal of 
said received packet when the relay portion determines that the combination of the 
receiving I/O port and the packet transmission source address do not have a 
coincidence with a combination of an I/O port and a transmission source address 
that have been registered in advance with a correspondence therebetween; 

an authentication portion which registers the receiving I/O port with a 
correspondence to the packet transmission source address when completing user 

4 



PAGE 5/12 1 RCVD AT 12/1212006 4:27:51 PM [Eastern Standard Time] * SVR:USPTO«EFXRF-3/20 1 DNIS:2738300 * CSID:703 684 1 157 * DURATION (mm-s$):02«48 



12-12-' 06 16:25 FHOM-Mattingly, Stanger 703-684-1157 T-421 P006/012 F-168 

U.S. Application No. 09/455 f 363 

authentication based on user authentication information sent from the source 
terminal in response to the request for user authentication, and 

when the authentication portion does not authenticate the user, the relay 
portion does not transfer the received packet. 

30. (Previously presented) A network relaying apparatus according to Claim 
29, wherein the user authentication information includes a user name and a 
password, 

31. (Previously presented) A network relaying apparatus according to Claim 
29, wherein the transmission source address includes an IP address and a MAC 
address. 

32. (New) The network relaying method according to claim 26, 

wherein the source terminal coupled to the first I/O port belongs to a VLAN; 

and 

wherein when a user is not authenticated by the user authentication executed 
in the executing step, a warning message is sent to all terminals belonging to the 
same VLAN as the source terminal of the packet received at the first I/O port. 

33. (New) The network relaying method according to claim 26, further 
comprising the step of performing user authentication periodically for each of said 
plurality of terminate having an address registered in advance with a correspondence 
to an I/O port. 
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34. (New) The network relaying method according to claim 26, wherein the 
received packet includes a destination address, and the method further comprises 
the steps of: 

determining whether the destination address is registered in advance as a 
source address in combination with an I/O port; 

if the determining step determines that the destination address of the received 
packet is not registered in advance as a source address in combination with an I/O 
port, user authentication is made as to a destination terminal having the destination 
address, by transmitting a request for user authentication to the destination terminal 
of the received packet; receiving user authentication information sent from the 
destination terminal in response to the request for user authentication based on the 
user authentication information thus received from the destination terminal; when the 
user is authenticated by the user authentication based on the user authentication 
information received from the destination terminal, registering the first I/O port with a 
correspondence to the destination address; and when the user is not authenticated 
by the user authentication based on the user authentication information received 
from the destination terminal, not registering the first I/O port with a correspondence 
to the destination address. 

35. (New) The network relaying apparatus according to claim 29, 
wherein the source terminal of the received packet belongs to a VLAN; and 
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wherein when a user is not authenticated by the user authentication, a 
warning message is sent to all terminals belonging to the same VLAN as the source 
terminal of the received packet. 

36. (New) The network relaying apparatus according to claim 29. wherein 
user authentication is performed periodically for each terminal having an address . 
registered in advance with a correspondence to an I/O port. 

37. (New) The network relaying method according to claim 29, 
wherein the received packet includes a destination address, 
wherein the relay portion determines whether the destination address is 

registered in advance as a source address in combination with an I/O port, 

wherein if the relay portion determines that the destination address of the 
received packet is not registered in advance as a source address in combination with 
an I/O port, the relay portion initiates user authentication as to a destination terminal 
having the destination address by transmitting a request for user authentication to 
the destination terminal of the received packet and receiving user authentication 
information sent from the destination terminal in response to the request for user 
authentication based on the user authentication information thus received from the 
destination terminal, 

wherein when the user is authenticated by the user authentication based on 
the user authentication information received from the destination terminal, the 
authentication portion registers the receiving I/O port with a correspondence to the 
destination address, and 
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wherein when the user is not authenticated by the user authentication based 
on the user authentication information received from the destination terminal, the 
authentication portion does not register the receiving I/O port with a correspondence 
to the destination address. 
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